<?php

//menu_add
function menu_add() {
	global $conf;

	if(perms_check('menu', 'add')) {
		$db = new dbquery;
		$db2 = new dbquery;

		$languages = get_lang_list();
		foreach($languages as $l) {
			$_POST["content_$l"]=post_text($_POST["content_$l"]);
			$_POST["title_$l"]=post_text($_POST["title_$l"]);
		}

		//before_options
		if($_POST['x']) {
			if($_POST['before_'.$_POST['x']]!='none') {
				$y=$_POST['before_'.$_POST['x']];
				$db->query("SELECT * FROM $conf[prefix]menu WHERE y>='$y' && x='$_POST[x]'");

				while($c=$db->fetch_object())
				$db2->query("UPDATE $conf[prefix]menu SET y=y+1 WHERE id='$c->id'");
			}
			else {
				$db->query("SELECT * FROM $conf[prefix]menu WHERE x='$_POST[x]' ORDER by y DESC");

				$d=$db->fetch_object();
				$y=$d->y+1;
			}
		}
		//
		
		switch($_POST['how_access']) {
			case 'simple':
				$access = $_POST['access'];
				$perms = NULL;
				break;
			case 'groups':
				$perms = NULL;
				for($i = 0; $i < count($_REQUEST['groups']); $i++) {
					if($perms != NULL)
					$perms .= ';';
					$perms .= $_REQUEST['groups'][$i];
				}
				$access = -3;
				break;
			case 'adv':
				$access = $_POST['acc_module'];
				$perms = $_POST['acc_perms'];
				break;
			default:
				$access = -1; //view by all
				$perms = NULL;
				break;
		}

		$sqlV='';
		$sqlI='';
		foreach($languages as $l) {
			$sqlI .= ", `title_".$l."`, `content_".$l."`";
			$sqlV .= ", '".$_POST["title_$l"]."', '".$_POST["content_$l"]."'";
		}

		$query = "INSERT INTO $conf[prefix]menu (`id` ,`x` ,`y` ,`status` ,`access` ,`perms` ".$sqlI.") VALUES (NULL, '$_POST[x]', $y, 1, '$access', '$perms' ".$sqlV.")";
		$db->query($query) or $db->err(__FILE__, __LINE__);

		//add log
		$t='title_'.$_SESSION['lang_short'];
		
		//

		//clear sql_cache
		$db->clear_cache('*', 'menu');
		//
	}
	redirect('index.php?module=admin&action=menu');
	exit;
}
//

//menu_edit
function menu_edit() {
	global $conf;

	if(!perms_check('menu', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}


	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix]menu WHERE id=$_POST[id]");

	$u=$db->fetch_object();

	$languages = get_lang_list();
	foreach($languages as $l) {
		$_POST["content_$l"]=post_text($_POST["content_$l"]);
		$_POST["title_$l"]=post_text($_POST["title_$l"]);
	}

	switch($_POST['how_access']) {
		case 'simple':
			$access = $_POST['access'];
			$perms = NULL;
			break;
		case 'groups':
			$perms = NULL;
			for($i = 0; $i < count($_REQUEST['groups']); $i++) {
				if($perms != NULL)
				$perms .= ';';
				$perms .= $_REQUEST['groups'][$i];
			}
			$access = -3;
			break;
		case 'adv':
			$access = $_POST['acc_module'];
			$perms = $_POST['acc_perms'];
			break;
		default:
			$access = -1; //view by all
			$perms = NULL;
			break;
	}

	$query = "UPDATE $conf[prefix]menu SET ";

	foreach($languages as $l)
	$query .= "title_$l = '".$_POST["title_$l"]."', content_$l = '".$_POST["content_$l"]."', ";

	$query .= "status='$_POST[status]', access = '$access', perms = '$perms' WHERE id=$_POST[id]";

	$db->query($query) or $db->err(__FILE__, __LINE__);

	$db2 = new dbquery;

	//before_options
	if($_POST['x']) {
		if($_POST['before_'.$_POST['x']]!='none') {
			if($u->x!=$_POST['x'] or $u->y!=($_POST['before_'.$_POST['x']]-1)) {
				$db->query("SELECT * FROM $conf[prefix]menu WHERE y>$u->y && x='$u->x'") or $db2->err(__FILE__, __LINE__);
				while($c=$db->fetch_object()) {
					$db2->query("UPDATE $conf[prefix]menu SET y=y-1 WHERE id='$c->id'") or $db2->err(__FILE__, __LINE__);
				}
				$y=$_POST['before_'.$_POST['x']];
				$db->query("SELECT * FROM $conf[prefix]menu WHERE y>=$y && x='$_POST[x]'") or $db2->err(__FILE__, __LINE__);

				while($c=$db->fetch_object())
				$db2->query("UPDATE $conf[prefix]menu SET y=y+1 WHERE id='$c->id'") or $db2->err(__FILE__, __LINE__);
			}
			else
			$update='no';
		}
		else {
			$db->query("SELECT * FROM $conf[prefix]menu WHERE y>$u->y && x='$u->x'");
			while($c=$db->fetch_object())
			$db2->query("UPDATE $conf[prefix]menu SET y=y-1 WHERE id='$c->id'") or $db2->err(__FILE__, __LINE__);
			$db->query("SELECT * FROM $conf[prefix]menu WHERE x='$_POST[x]' && id!=$_POST[id] ORDER by y DESC") or $db2->err(__FILE__, __LINE__);
			$d=$db->fetch_object();
			$y=$d->y+1;
		}
		if($update!='no')
		$db2->query("UPDATE $conf[prefix]menu SET x='$_POST[x]', y=$y WHERE id=$_POST[id]") or $db2->err(__FILE__, __LINE__);
	}
	//

	//add log
	$t='title_'.$_SESSION['lang_short'];
	
	//

	//clear sql_cache
	$db->clear_cache('*', 'menu');
	//

	redirect('index.php?module=admin&action=menu');
	exit;
}
//

//menu_delete
function menu_delete() {
	global $conf;

	if(perms_check('menu', 'del')) {
		$db = new dbquery;
		$db2 = new dbquery;

		$db->query("SELECT * FROM $conf[prefix]menu WHERE id=$_GET[id]") or $db->err(__FILE__, __LINE__);
		$u=$db->fetch_object();
		$db->query("SELECT * FROM $conf[prefix]menu WHERE x = '$u->x' ORDER BY y ASC") or $db->err(__FILE__, __LINE__);

		while($d=$db->fetch_object()) {
			if($u->y<$d->y) {
				$y=$d->y-1;
				$id_=$d->id;

				$db2->query("UPDATE $conf[prefix]menu SET y='$y' WHERE id=$id_") or $db2->err(__FILE__, __LINE__);
			}
		}

		$db->query("DELETE FROM $conf[prefix]menu WHERE id=$_GET[id]") or $db->err(__FILE__, __LINE__);

		//add log
		$t='title_'.$_SESSION['lang_short'];
		
		//

		//clear sql_cache
		$db->clear_cache('*', 'menu');
		//
	}

	redirect('index.php?module=admin&action=menu');
	exit;
}
//

//menu move down
function menu_move_down() {
	global $conf;

	if(!perms_check('menu', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$db = new dbquery;
	$db2 = new dbquery;
	$db3 = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x = '$_GET[x]' ORDER BY y ASC") or $db->err(__FILE__, __LINE__);
	$db2->query("SELECT * FROM $conf[prefix]menu WHERE x = '$_GET[x]' ORDER BY y DESC") or $db2->err(__FILE__, __LINE__);

	$d_2=$db2->fetch_object();

	while($d=$db->fetch_object()) {
		if(($d->id)==$_GET['id']) {
			if($d->y!=$d_2->y) {
				$y=$d->y;
				$id_=$d->id;
				$d=$db->fetch_object();
				$id_2=$d->id;
				$y_2=$y+1;

				$db3->query("UPDATE $conf[prefix]menu SET y=$y_2 WHERE id=$id_") or $db3->err(__FILE__, __LINE__);
				$db3->query("UPDATE $conf[prefix]menu SET y=$y WHERE id=$id_2") or $db3->err(__FILE__, __LINE__);
			}
		}
	}
	redirect('index.php?module=admin&action=menu');
	exit;
}
//

//menu move up
function menu_move_up() {
	global $conf;

	if(!perms_check('menu', 'edit')) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$db = new dbquery;
	$db2 = new dbquery;

	$db->query("SELECT * FROM $conf[prefix]menu WHERE x = '$_GET[x]' ORDER BY y DESC") or $db->err(__FILE__, __LINE__);

	while($d=$db->fetch_object()) {
		if(($d->id)==$_GET['id']) {
			if($d->y!=1) {
				$y=$d->y;
				$id_=$d->id;

				$d=$db->fetch_object();

				$id_2=$d->id;
				$y_2=$y-1;

				$db2->query("UPDATE $conf[prefix]menu SET y=$y_2 WHERE id=$id_") or $db2->err(__FILE__, __LINE__);
				$db2->query("UPDATE $conf[prefix]menu SET y=$y WHERE id=$id_2") or $db2->err(__FILE__, __LINE__);
			}
		}
	}

	redirect('index.php?module=admin&action=menu');
	exit;
}
//

?>
